AWS Network Firewall Firewall Policy
This page shows how to write Terraform and CloudFormation for Network Firewall Firewall Policy and write them securely.
aws_networkfirewall_firewall_policy (Terraform)
The Firewall Policy in Network Firewall can be configured in Terraform with the resource name aws_networkfirewall_firewall_policy. The following sections describe 4 examples of how to use the resource and its parameters.
Example Usage from GitHub
resource "aws_networkfirewall_firewall_policy" "test-firewall-policy" {
  name = "test-aws-network-firewall-policy"
  firewall_policy {
    stateless_default_actions          = ["aws:forward_to_sfe"]
    stateless_fragment_default_actions = ["aws:pass"]
    stateless_rule_group_reference {
      # ... (snippet truncated)
    }
  }
}

resource "aws_networkfirewall_firewall_policy" "this" {
  name        = local.name
  description = "allow domain list"
  firewall_policy {
    stateless_default_actions          = ["aws:forward_to_sfe"]
    stateless_fragment_default_actions = ["aws:forward_to_sfe"]
    # ... (snippet truncated)
  }
}

resource "aws_networkfirewall_firewall_policy" "this" {
  name = "firewallPolicy"
  firewall_policy {
    stateless_default_actions          = ["aws:forward_to_sfe"]
    stateless_fragment_default_actions = ["aws:forward_to_sfe"]
    # ... (snippet truncated)
  }
}

resource "aws_networkfirewall_firewall_policy" "default" {
  name = "transit-gateway-centralized-east-west-net-fw"
  firewall_policy {
    stateless_default_actions = ["aws:forward_to_sfe"]
    # ... (snippet truncated)
  }
}
Parameters
- arn: optional computed - string
- description: optional - string
- id: optional computed - string
- name: required - string
- tags: optional - map from string to string
- update_token: optional computed - string
- firewall_policy: list block
  - stateless_default_actions: required - set of string
  - stateless_fragment_default_actions: required - set of string
  - stateful_rule_group_reference: set block
    - resource_arn: required - string
  - stateless_custom_action: set block
    - action_name: required - string
    - action_definition: list block
      - publish_metric_action: list block
  - stateless_rule_group_reference: set block
    - priority: required - number
    - resource_arn: required - string
Explanation in Terraform Registry
Provides an AWS Network Firewall Firewall Policy Resource
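The truncated snippets above never reach a closed `firewall_policy` block, so here is a complete policy built from the parameters listed on this page. It is an added example, not code from the quoted repositories or the Terraform Registry; the resource names, the capacity value and the `.example.com` domain are constructed placeholders, and the `aws_networkfirewall_rule_group` resource is included only so the policy has a stateful rule group to reference.

```hcl
# Added example. Names, capacity and the domain are constructed placeholders.

# Stateful rule group: allow HTTP/TLS traffic only to the listed domains.
resource "aws_networkfirewall_rule_group" "allow_domains" {
  name     = "example-allow-domains"
  type     = "STATEFUL"
  capacity = 100

  rule_group {
    rules_source {
      rules_source_list {
        generated_rules_type = "ALLOWLIST"
        target_types         = ["HTTP_HOST", "TLS_SNI"]
        targets              = [".example.com"]
      }
    }
  }
}

resource "aws_networkfirewall_firewall_policy" "example" {
  name        = "example-firewall-policy"
  description = "allow domain list"

  firewall_policy {
    # Send everything the stateless engine does not match, fragments
    # included, to the stateful engine. Using "aws:pass" for either
    # default would let that traffic skip stateful inspection.
    stateless_default_actions          = ["aws:forward_to_sfe"]
    stateless_fragment_default_actions = ["aws:forward_to_sfe"]

    # Attach the stateful rule group defined above.
    stateful_rule_group_reference {
      resource_arn = aws_networkfirewall_rule_group.allow_domains.arn
    }
  }

  tags = {
    Environment = "example"
  }
}
```

Of the four GitHub snippets, only the first sets `stateless_fragment_default_actions` to `aws:pass`; when reviewing a policy, check that both default actions match what the stateful rule groups are expected to see.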
AWS::NetworkFirewall::FirewallPolicy (CloudFormation)
The FirewallPolicy in NetworkFirewall can be configured in CloudFormation with the resource name AWS::NetworkFirewall::FirewallPolicy. The following sections describe how to use the resource and its parameters.
Example Usage from GitHub
An example could not be found in GitHub.
Parameters
- FirewallPolicyName: required - String
- FirewallPolicy: required - FirewallPolicy
- Description: optional - String
- Tags: optional - List of Tag
Explanation in CloudFormation Registry
Use the AWS::NetworkFirewall::FirewallPolicy to define the stateless and stateful network traffic filtering behavior for your AWS::NetworkFirewall::Firewall. You can use one firewall policy for multiple firewalls.
Frequently asked questions
What is AWS Network Firewall Firewall Policy?
AWS Network Firewall Firewall Policy is a resource for Network Firewall of Amazon Web Services. Settings can be written in Terraform and CloudFormation.
Where can I find the example code for the AWS Network Firewall Firewall Policy?
For Terraform, the toddlers/aws-network-firewall-workflow, pete911/eks-cluster and keithrozario/firewall_egress source code examples are useful. See the Terraform Example section for further details.